1 /* 2 * Copyright (c) 2022 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 #ifndef FOUNDATION_APPEXECFWK_SERVICES_BUNDLEMGR_INCLUDE_BUNDLE_INSTALL_CHECKER_H 17 #define FOUNDATION_APPEXECFWK_SERVICES_BUNDLEMGR_INCLUDE_BUNDLE_INSTALL_CHECKER_H 18 19 #include <memory> 20 #include <string> 21 #include <vector> 22 23 #include "app_privilege_capability.h" 24 #include "app_provision_info.h" 25 #include "appexecfwk_errors.h" 26 #include "bundle_pack_info.h" 27 #include "bundle_verify_mgr.h" 28 #include "inner_bundle_info.h" 29 #include "install_param.h" 30 31 namespace OHOS { 32 namespace AppExecFwk { 33 struct InstallCheckParam { 34 bool isPreInstallApp = false; 35 bool removable = true; 36 // status of install bundle permission 37 PermissionStatus installBundlePermissionStatus = PermissionStatus::NOT_VERIFIED_PERMISSION_STATUS; 38 // status of install enterprise bundle permission 39 PermissionStatus installEnterpriseBundlePermissionStatus = PermissionStatus::NOT_VERIFIED_PERMISSION_STATUS; 40 // status of install enterprise normal bundle permission 41 PermissionStatus installEtpNormalBundlePermissionStatus = PermissionStatus::NOT_VERIFIED_PERMISSION_STATUS; 42 // status of install enterprise mdm bundle permission 43 PermissionStatus installEtpMdmBundlePermissionStatus = PermissionStatus::NOT_VERIFIED_PERMISSION_STATUS; 44 // is shell token 45 bool isCallByShell = false; 46 Constants::AppType appType = Constants::AppType::THIRD_PARTY_APP; 47 int64_t crowdtestDeadline = Constants::INVALID_CROWDTEST_DEADLINE; // for crowdtesting type hap 48 }; 49 50 class BundleInstallChecker { 51 public: 52 /** 53 * @brief Check syscap. 54 * @param bundlePaths Indicates the file paths of all HAP packages. 55 * @return Returns ERR_OK if the syscap satisfy; returns error code otherwise. 56 */ 57 ErrCode CheckSysCap(const std::vector<std::string> &bundlePaths); 58 59 /** 60 * @brief Check signature info of multiple haps. 61 * @param bundlePaths Indicates the file paths of all HAP packages. 62 * @param hapVerifyRes Indicates the signature info. 63 * @return Returns ERR_OK if the every hap has signature info and all haps have same signature info. 64 */ 65 ErrCode CheckMultipleHapsSignInfo( 66 const std::vector<std::string> &bundlePaths, 67 std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes); 68 69 /** 70 * @brief To check the hap hash param. 71 * @param infos .Indicates all innerBundleInfo for all haps need to be installed. 72 * @param hashParams .Indicates all hashParams in installParam. 73 * @return Returns ERR_OK if haps checking successfully; returns error code otherwise. 74 */ 75 ErrCode CheckHapHashParams( 76 std::unordered_map<std::string, InnerBundleInfo> &infos, 77 std::map<std::string, std::string> hashParams); 78 79 /** 80 * @brief To check the version code and bundleName in all haps. 81 * @param infos .Indicates all innerBundleInfo for all haps need to be installed. 82 * @return Returns ERR_OK if haps checking successfully; returns error code otherwise. 83 */ 84 ErrCode CheckAppLabelInfo(const std::unordered_map<std::string, InnerBundleInfo> &infos); 85 /** 86 * @brief To check native file in all haps. 87 * @param infos .Indicates all innerBundleInfo for all haps need to be installed. 88 * @return Returns ERR_OK if haps checking successfully; returns error code otherwise. 89 */ 90 ErrCode CheckMultiNativeFile(std::unordered_map<std::string, InnerBundleInfo> &infos); 91 /** 92 * @brief To check ark native file in all haps. 93 * @param infos .Indicates all innerBundleInfo for all haps need to be installed. 94 * @return Returns ERR_OK if haps checking successfully; returns error code otherwise. 95 */ 96 ErrCode CheckMultiArkNativeFile(std::unordered_map<std::string, InnerBundleInfo> &infos); 97 /** 98 * @brief To check native so in all haps. 99 * @param infos .Indicates all innerBundleInfo for all haps need to be installed. 100 * @return Returns ERR_OK if haps checking successfully; returns error code otherwise. 101 */ 102 ErrCode CheckMultiNativeSo(std::unordered_map<std::string, InnerBundleInfo> &infos); 103 /** 104 * @brief To parse hap files and to obtain innerBundleInfo of each hap. 105 * @param bundlePaths Indicates the file paths of all HAP packages. 106 * @param checkParam Indicates the install check parameters. 107 * @param hapVerifyRes Indicates all signature info of all haps. 108 * @param infos Indicates the innerBundleinfo of each hap. 109 * @return Returns ERR_OK if each hap is parsed successfully; returns error code otherwise. 110 */ 111 ErrCode ParseHapFiles( 112 const std::vector<std::string> &bundlePaths, 113 const InstallCheckParam &checkParam, 114 std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes, 115 std::unordered_map<std::string, InnerBundleInfo> &infos); 116 /** 117 * @brief To check dependency whether or not exists. 118 * @param infos Indicates all innerBundleInfo for all haps need to be installed. 119 * @return Returns ERR_OK if haps checking successfully; returns error code otherwise. 120 */ 121 ErrCode CheckDependency(std::unordered_map<std::string, InnerBundleInfo> &infos); 122 123 void ResetProperties(); 124 IsContainEntry()125 bool IsContainEntry() 126 { 127 return isContainEntry_; 128 } 129 130 bool VaildInstallPermission(const InstallParam &installParam, 131 const std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes); 132 133 bool VaildEnterpriseInstallPermission(const InstallParam &installParam, 134 const Security::Verify::ProvisionInfo &provisionInfo); 135 136 bool VaildInstallPermissionForShare(const InstallCheckParam &checkParam, 137 const std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes); 138 139 bool VaildEnterpriseInstallPermissionForShare(const InstallCheckParam &checkParam, 140 const Security::Verify::ProvisionInfo &provisionInfo); 141 142 ErrCode CheckModuleNameForMulitHaps(const std::unordered_map<std::string, InnerBundleInfo> &infos) const; 143 144 bool IsExistedDistroModule(const InnerBundleInfo &newInfo, const InnerBundleInfo &info) const; 145 146 bool IsContainModuleName(const InnerBundleInfo &newInfo, const InnerBundleInfo &info) const; 147 148 ErrCode CheckDeviceType(std::unordered_map<std::string, InnerBundleInfo> &infos) const; 149 150 AppProvisionInfo ConvertToAppProvisionInfo(const Security::Verify::ProvisionInfo &provisionInfo) const; 151 152 ErrCode CheckProxyDatas(const InnerBundleInfo &info) const; 153 154 ErrCode CheckIsolationMode(const std::unordered_map<std::string, InnerBundleInfo> &infos) const; 155 156 ErrCode CheckSignatureFileDir(const std::string &signatureFileDir) const; 157 158 ErrCode CheckAllowEnterpriseBundle(const std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes) const; 159 160 private: 161 162 ErrCode ParseBundleInfo( 163 const std::string &bundleFilePath, 164 InnerBundleInfo &info, 165 BundlePackInfo &packInfo) const; 166 167 ErrCode CheckSystemSize( 168 const std::string &bundlePath, 169 const Constants::AppType appType) const; 170 171 void SetEntryInstallationFree( 172 const BundlePackInfo &bundlePackInfo, 173 InnerBundleInfo &innerBundleInfo); 174 175 void SetPackInstallationFree(BundlePackInfo &bundlePackInfo, const InnerBundleInfo &innerBundleInfo) const; 176 177 void CollectProvisionInfo( 178 const Security::Verify::ProvisionInfo &provisionInfo, 179 const AppPrivilegeCapability &appPrivilegeCapability, 180 InnerBundleInfo &newInfo); 181 182 void GetPrivilegeCapability( 183 const InstallCheckParam &checkParam, InnerBundleInfo &newInfo); 184 185 void ParseAppPrivilegeCapability( 186 const Security::Verify::ProvisionInfo &provisionInfo, 187 AppPrivilegeCapability &appPrivilegeCapability); 188 189 ErrCode CheckMainElement(const InnerBundleInfo &info); 190 191 ErrCode CheckBundleName(const std::string &provisionInfoBundleName, const std::string &bundleName); 192 193 void FetchPrivilegeCapabilityFromPreConfig( 194 const std::string &bundleName, 195 const std::string &appSignature, 196 AppPrivilegeCapability &appPrivilegeCapability); 197 198 bool MatchSignature(const std::vector<std::string> &appSignatures, const std::string &signature); 199 200 bool GetPrivilegeCapabilityValue(const std::vector<std::string> &existInJson, 201 const std::string &key, bool existInPreJson, bool existInProvision); 202 203 ErrCode ProcessBundleInfoByPrivilegeCapability(const AppPrivilegeCapability &appPrivilegeCapability, 204 InnerBundleInfo &innerBundleInfo); 205 206 bool NeedCheckDependency(const Dependency &dependency, const InnerBundleInfo &info); 207 208 bool FindModuleInInstallingPackage( 209 const std::string &moduleName, 210 const std::string &bundleName, 211 const std::unordered_map<std::string, InnerBundleInfo> &infos); 212 213 bool FindModuleInInstalledPackage( 214 const std::string &moduleName, 215 const std::string &bundleName, 216 uint32_t versionCode); 217 218 bool isContainEntry_ = false; 219 220 void SetAppProvisionMetadata(const std::vector<Security::Verify::Metadata> &provisionMetadatas, 221 InnerBundleInfo &newInfo); 222 223 bool CheckProxyPermissionLevel(const std::string &permissionName) const; 224 }; 225 } // namespace AppExecFwk 226 } // namespace OHOS 227 #endif // FOUNDATION_APPEXECFWK_SERVICES_BUNDLEMGR_INCLUDE_BUNDLE_INSTALL_CHECKER_H